There are over 1 billion Gmail users around the world, and once again many of them were targeted by a very convincing Google Docs phishing scam. It has been only a few months since the last Gmail scam spread like wildfire. The attacks keep getting more convincing, putting even tech-savvy users in the crosshairs.
On Wednesday afternoon, many users, including reporters from BuzzFeed, Hearst, New York Magazine, Vice, Gizmodo and plenty more, received emails with very realistic invites to view a Google Docs file. Clicking on the link redirects you to a login screen just like that of real Google accounts, complete with the list of all your Google Accounts. The hackers did not miss a single detail while replicating Google’s newest design.
Apart from the perfect layout, the authentic-looking Google.com URL makes it even worse. Even if you did not receive the email directly from the hackers, you might receive one from a contact who fell prey to the attack. When anyone clicks on the link, the malware forwards the email to all their contacts, which makes the scam even more believable.
Just got this as well. Super sophisticated. pic.twitter.com/l6c1ljSFIX
— zach latta (@zachlatta) May 3, 2017
The emails come from very legitimate-looking addresses with extensions that recipients are inclined to believe. Some addresses had .gov or .buzzfeed extensions, which the intended users were more likely to trust. The purpose is not to deliver malware but to hijack credentials.
Convincing as it might seem, if you look closely enough you will notice differences from genuine Google Docs emails. The most prominent hint is that the message is addressed to an “hhhhhhhhhhh” email address, with your own email address in “Bcc.”
Google has said that the malicious accounts have been disabled and the users have been updated. A spokesperson stated that less than 0.1 percent of Gmail users were affected, equating to about 1 million people. Google managed to contain the attack within about an hour and released an official statement on Twitter:
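The header hint described above can be checked automatically. The following is an added example, not code from the article or from Google: it parses a raw message and reports the two signals the article names, a To address whose local part is one repeated character and a recipient who appears in neither To nor Cc. The sample messages, the addresses and the repeat threshold are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed sample messages (not real captures); all addresses are placeholders.
SUSPICIOUS = """\
From: Known Contact <contact@example.org>
To: hhhhhhhhhhh@example.net
Subject: Document shared with you

Open in Docs
"""

NORMAL = """\
From: Known Contact <contact@example.org>
To: me@example.com
Subject: Document shared with you

Open in Docs
"""

# Local part made of a single character repeated, e.g. "hhhhhhhhhhh".
# The minimum of six repeats is an assumed threshold.
REPEATED_CHAR = re.compile(r"^(.)\1{5,}$")


def visible_recipients(msg):
    """Return the lower-cased addresses listed in the To and Cc headers."""
    headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    return [addr.lower() for _, addr in getaddresses(headers) if addr]


def check_invite(raw, my_address):
    """Return the reasons a message matches the pattern the article describes."""
    msg = message_from_string(raw)
    visible = visible_recipients(msg)
    reasons = []
    if any(REPEATED_CHAR.match(a.split("@")[0]) for a in visible):
        reasons.append("placeholder-looking To address")
    if my_address.lower() not in visible:
        reasons.append("recipient not in To/Cc (delivered via Bcc)")
    return reasons


if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS), ("normal", NORMAL)):
        print(name, check_invite(raw, "me@example.com"))
```

Bcc delivery on its own is common for mailing lists and newsletters, so treat it as a signal only in combination with the placeholder-looking To address.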
(1 of 3) Official Google Statement on Phishing Email: We have taken action to protect users against an email impersonating Google Docs…
— Google Docs (@googledocs) May 3, 2017
(2 of 3) & have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team…
— Google Docs (@googledocs) May 3, 2017
(3 of 3) is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.
— Google Docs (@googledocs) May 3, 2017
This particular attack has been contained, but it was without a doubt quite successful. Similar attacks may follow until Google manages to block the entire concept once and for all. When on the internet, look thrice before you click anything. Not all that glitters is gold. Well, in this case, not all that looks like Google is Google.
Very informative Aayesha arif !